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DETAILED ACTION 

1 . Claims 1-20, 22, 27 and 31 are canceled by the Preliminary Amendment. 

2. Claims 21 , 23-26, 28-30, and 32-41 are pending. 



Specification 

3. The abstract of the disclosure is objected to because the abstract contains more 
than 150 words. Correction is required. See MPEP § 608.01(b). 



Double Patenting 

4. The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. A nonstatutory 
obviousness-type double patenting rejection is appropriate where the conflicting claims 
are not identical, but at least one examined application claim is not patentably distinct 
from the reference claim(s) because the examined application claim is either anticipated 
by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 
F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 11 F.3d 1046, 29 
USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 
1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 
F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 
USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321 (c) or 1 .321 (d) 
may be used to overcome an actual or provisional rejection based on a nonstatutory 
double patenting ground provided the conflicting application or patent either is shown to 
be commonly owned with this application, or claims an invention made as a result of 
activities undertaken within the scope of a joint research agreement. 

Effective January 1, 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 
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5. Claims 21 , 23 , 24, 25, 26, 29, 30, 38-41 of instant application, each claim and 
every element of claims disclose every element of claims 1,10-1 3, 23, 24 of U. S. Patent 
No. 6675225, as such anticipate claims 1, 10-13, 23, 24 of Patent No. 6675225. 

"A later patent claim is not patentably distinct from an earlier patent claim if the 
later claim is obvious over, or anticipated by, the earlier claim. In re Lonqi , 759 F.2d at 
896, 225 USPQ at 651 (affirming a holding of obviousness-type double patenting 
because the claims at issue were obvious over claims in four prior art patents); In re 
Berg , 140 F.3d at 1437, 46 USPQ2d at 1233 (Fed. Cir. 1998) (affirming a holding of 
obviousness-type double patenting where a patent application claim to a genus is 
anticipated by a patent claim to a species within that genus)." ELI LILLY AND 
COMPANY v BARR LABORATORIES, INC., United States Court of Appeals for the 
Federal Court, ON PETITION FOR REHEARING EN BANC (DECIDED: May 30, 2001). 

Claim Rejections - 35 USC § 101 

6. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

7. Claims 26 and 28 are rejected under 35 U.S.C. 101 because the claims recite 
"transmitting means.... reconfiguring means. ...mean for determining... mean for 
assigning. ..mean for activating.." are nonstatutory and just limited to functional 
descriptive material consisting of computer program per se (reciting in paragraph 
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[0028], By automatically changing IP addresses of the trusted hosts on the VPN via a 
predetermined algorithm), algorithm is a software per se, instead of being defined as 
including tangible embodiments (i.e., a computer readable storage medium such as 
memory device, ....). As such, the claims are not limited to statutory subject matter and 
are therefore nonstatutory. 

Claim 40 is depending on claim 26, claim 29, 30 and 41 are depending on claim 
28 and therefore they are also rejected under 35 U.S.C. 101 as claim 26 and 28 above. 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 21 , 26 are rejected under 35 U.S.C. 1 03(a) as being unpatentable by 
Hoke et al (hereinafter Hoke), U.S Patent No. 6701437 in view of Schneider et al 
(hereinafter Schneider), U.S Patent No. 6178505 which is included in the IDS. 

1 0. As to claim 21 , Hoke discloses a method for communicating on a network 
between a first data processing system and a second data processing system, the 
method comprising the computer-implemented steps of: 
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transmitting data packets on the network from the first data processing system to 
the second data processing system using a virtual private network (VPN) (column 8, 
lines 38-48; column 9, 10-12); and 

automatically reconfiguring the VPN to use alternate addresses on the network 
for the first data processing system and the second data processing system (column 13, 
lines 28-49), wherein automatically reconfiguring the VPN to use alternate addresses on 
the network for the first data processing system and the second data processing system 
includes: 

assigning an alternate address to the first data processing system and the 
second data processing system based on which of the plurality of reconfiguring 
algorithms (VPN unit implying Packet Processing Module 618 in Fig. 6) is currently 
active (column 12, lines 32-36; column 13, lines 28-49). 

Hoke does not disclose determining which of a plurality of reconfiguring algorithm 
is currently active. However Schneider discloses the feature of determining which of a 
plurality of reconfiguring algorithm is currently active (column 19, lines 37-42). 

It would have been obvious to the one skilled in the art at the time of the 
invention to combine the teaching of Hoke with the teaching of Schneider to have the 
feature of determining which of a plurality of reconfiguring algorithm is currently active. 
Because it would provide users the better way to send data over VPN, like cost savings 
and scalability, securely transmitting to ensure the authenticity, integrity and 
confidentiality of data; avoid traditional leased line by tapping into the geographically- 
distributed assess already available. 
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11. As to claim 26, Hoke discloses a distributed data processing system for 
communicating on a network, the distributed data processing system comprising: 

transmitting means (Fig. 6, Processor 600) for transmitting data packets on the 
network from a first data processing system to a second data processing system using 
a virtual private network (VPN) (column 8, lines 38-48; column 9, lines 10-12); and 

reconfiguring means (Fig. 6, Packet Processing Module 618) for automatically 
reconfiguring the VPN to use alternate addresses on the network for the first data 
processing system and the second data processing system (column 13, line 48-49), 
wherein the reconfiguring means includes: 

means for assigning (Fig 6. Packet Processing Module 618) an alternate 
address to the first data processing system and the second data processing system 
based on which of the plurality of reconfiguring algorithms is currently active (column 

12, lines 32-36; column 13, lines 28-49). 

Hoke does not disclose means for determining which of a plurality of 
reconfiguring algorithms is currently active. However, Schneider discloses means for 
determining (Fig. 2, Access Filter 203) which of a plurality of reconfiguring algorithms is 
currently active (column 19, lines 37-42). 

The motivation of this claim is as same as the one of claim 21 above. 



Application/Control Number: 1 0/61 1 ,609 Page 7 

Art Unit: 2458 

12. Claims 23, 25, 28, 30, 38-41 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable by Hoke in view of Schneider and further in view of Sun et al (hereinafter 
Sun), U.S Patent No. 6704282 which is included in the IDS. 

13. As to claim 23, Hoke discloses a method for communicating on a network 
between a first data processing system and a second data processing system, the 
method comprising the computer implemented steps of: 

transmitting data packets on the network from the first data processing system to 
the second data processing system using a virtual private network (VPN) (column 8, 
lines 38-48; column 9, 10-12); 

automatically reconfiguring the VPN to use alternate addresses on the network 
for the first data processing system and the second data processing system (column 13, 
lines 28-49). 

Hoke does not disclose activating one of a plurality of reconfiguring algorithms 
based on information from one or more avoider algorithm modules indicating when to 
switch between VPN tunnels; and 

switch to an alternate VPN tunnel. 

However, Schneider discloses activating one of a plurality of reconfiguring 
algorithms based on information from one or more avoider algorithm modules (column 
19, lines 37-42). 

Hoke and Schneider do not disclose indicating when to switch between VPN 
tunnels and switch to an alternate VPN tunnel. 



Application/Control Number: 1 0/61 1 ,609 Page 8 

Art Unit: 2458 

However Sun discloses indicating when to switch between VPN tunnels and 
switch to an alternate VPN tunnel (column 4, lines 23-31). 

It would have been obvious to the one skilled in the art at the time of the 
invention to combine the teaching of Hoke, Schneider with the teaching of Sun to have 
a feature of activating one of a plurality of reconfiguring algorithms based on information 
from one or more avoider algorithm modules indicating when to switch between VPN 
tunnels and automatically reconfiguring the VPN to use alternate addresses on the 
network for the first data processing system and the second data processing system to 
thereby switch to an alternate VPN tunnel. Because it would provide users a better way 
of traffic loading, resource availability, reliability and scalability. 

14. As to claim 25, Hoke, Schneider and Sun disclose the invention as described in 
claim 23 above. Sun discloses the information from one or more avoider algorithm 
modules indicating when to switch between VPN tunnels (column 4, lines 23-31). Sun 
does not disclose includes information indicating a specified time period a current VPN 
tunnel may be active. However, Hoke discloses includes information indicating a 
specified time period a current VPN tunnel may be active (column 12, lines 36-41). 

It would have been obvious to the one skilled in the art at the time of the 
invention to combine the teaching of Sun with the teaching of Hoke to have the 
information from one or more avoider algorithm modules indicating when to switch 
between VPN tunnels includes information indicating a specified time period a current 
VPN tunnel may be active. Because it would provide users a better way to free the 
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network bandwidth, minimize the cost of leasing lines and protect data from preventing 
intruder accessing VPN. 

15. As to claim 28, Hoke discloses a distributed data processing system for 
communicating on a network, the distributed data processing system comprising: 

transmitting means (Fig. 2, Processor 600) for transmitting data packets on the 
network from a first data processing system to a second data processing system using 
a virtual private network (VPN) (column 8, lines 38-48; column 9, lines 10-12); 

reconfiguring means (Fig. 2, Packet Processing Module 618) for automatically 
reconfiguring the VPN to use alternate addresses on the network for the first data 
processing system and the second data processing system to thereby switch to an 
alternate VPN tunnel (column 13, lines 38-49). 

Hoke does not disclose means for activating one of a plurality of reconfiguring 
algorithms based on information from one or more avoider algorithm modules indicating 
when to switch between VPN tunnels. However Schneider discloses means for 
activating (Fig. 2, Access Filter 203) one of a plurality of reconfiguring algorithms based 
on information from one or more avoider algorithm modules (column 19, lines 37-42). 

Hoke and Schneider do not disclose indicating when to switch between VPN 
tunnels. However Sun discloses indicating when to switch between VPN tunnels 
(column 4, lines 23-31). 

The motivation of this claim is as same as the one of claim 23 above. 
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16. As to claim 30, Hoke, Schneider and Sun disclose the invention as described in 
claim 28 above. Sun discloses the information from one or more avoider algorithm 
modules indicating when to switch between VPN tunnels (column 4, lines 23-31). Sun 
does not disclose includes information indicating a specified time period a current VPN 
tunnel may be active. However Hoke discloses includes information indicating a 
specified time period a current VPN tunnel may be active (column 12, lines 36-41). 

The motivation of this claim is as same as the one of claim 25 above. 

17. As to claim 38, Hoke and Schneider disclose the invention as described in claim 
21 above. Hoke discloses automatically selecting, during a same session between the 
first data processing system and the second data processing system (column 8 lines 
38-48; column 9, lines 10- 12), wherein the alternate address assigned to the first data 
processing system and the alternate address assigned to the second data processing 
system are associated with the alternate VPN tunnel (column 12, lines 32-36; column 
13, lines 28-49). Hoke does not disclose an alternate VPN tunnel for transmitting data 
packets from the first data processing system to the second data processing system. 
However Sun discloses an alternate VPN tunnel for transmitting data packets from the 
first data processing system to the second data processing system (column 4, lines 23- 
31). 

The motivation of this claim is as same as the one of claim 23 above. 
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18. As to claim 39, Hoke, Schneider and Sun disclose the invention as described in 
claim 23 above. Hoke discloses the reconfiguring algorithms automatically select, during 
a same session between the first data processing system and the second data 
processing system (column 8, lines 38-48; column 9, lines 10-12), wherein the alternate 
address assigned to the first data processing system and the alternate address 
assigned to the second data processing system are associated with the alternate VPN 
tunnel (column 12, lines 32-36; column 13, lines 28-49). Hoke does not disclose the 
alternate VPN tunnel for transmitting data packets from the first data processing system 
to the second data processing system. However Sun discloses the alternate VPN tunnel 
for transmitting data packets from the first data processing system to the second data 
processing system (column 4, lines 23-31). 

The motivation of this claim is as same as the one of claim 23 above. 

1 9. As to claim 40, Hoke and Schneider disclose the invention as described in claim 
26 above. Hoke discloses the reconfiguring algorithms automatically select, during a 
same session between the first data processing system and the second data processing 
system (column 8, lines 38-48; column 9, lines 10-12), wherein the alternate address 
assigned to the first data processing system and the alternate address assigned to the 
second data processing system are associated with he alternate VPN tunnel (column 
12, lines 32-36; column 13, lines 28-49). Hoke does not disclose an alternate VPN 
tunnel for transmitting data packets from the first data processing system to the second 
data processing system. However Sun discloses an alternate VPN tunnel for 
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transmitting data packets from the first data processing system to the second data 
processing system (column 4, lines 23-31). 

The motivation of this claim is as same as the one of claim 23 above. 

20. As to claim 41 , Hoke, Schneider and Sun disclose the invention as described in 
claim 28 above. Hoke discloses the reconfiguring algorithms automatically select, during 
a same session between the first data processing system and the second data 
processing system (column 8, lines 38-48; column 9, lines 10-12), wherein the alternate 
address assigned to the first data processing system and the alternate address 
assigned to the second data processing system are associated with the alternate VPN 
tunnel (column 12, lines 32-36; column 13, lines 28-49). Hoke does not disclose the 
alternate VPN tunnel for transmitting data packets from the first data processing system 
to the second data processing system. However Sun discloses the alternate VPN tunnel 
for transmitting data packets from the first data processing system to the second data 
processing system (column 4, lines 23-31). 

The motivation of this claim is as same as the one of claim 23 above. 

21 . Claims 24, 29 are rejected under 35 U.S.C. 103(a) as being unpatentable by 
Hoke in view of Schneider further in view of Sun as applied in claims 23 and 28 above 
and further in view of Ma et al (hereinafter Ma), U.S Patent No. 5953338. 
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22. As to claim 24, Hoke, Schneider and Sun disclose the invention as described in 
claim 23 above, Sun discloses the information from one or more avoider algorithm 
modules indicating when to switch between VPN tunnels includes information indicating 
that VPN tunnels should be switched (column 4, lines 23-31 ). Sun does not disclose 
based on a maximum number of data packets that may be sent over a currently active 
VPN tunnel. However Ma discloses based on a maximum number of data packets that 
may be sent over a currently active VPN tunnel (column 8, lines 16-30). 

It would have been obvious to combine the teaching of Hoke, Schneider and Sun 
with the teaching of Ma to have the information form one or more avoider algorithm 
modules indicating when to switch between VPN tunnels includes information indicating 
that VPN tunnels should be switched based on a maximum number of data packets that 
may be sent over a currently active VPN tunnel. Because it would provide users the 
efficient way to prevent overload when transmitting data by applying load balancing 
function to manage the bandwidth of the system. 

23. As to claim 29, Hoke, Schneider and Sun disclose the invention as described in 
claim 28 above. Sun discloses the information from one or more avoider algorithm 
modules indicating when to switch between VPN tunnels (column 4, lines 23-31). Sun 
does not disclose includes information indicating that VPN tunnels should be switched 
based on a maximum number of data packets that may be sent over a currently active 
VPN tunnel. However, Ma discloses includes information indicating that VPN tunnels 
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should be switched based on a maximum number of data packets that may be sent over 
a currently active VPN tunnel (column 8, lines 16-30). 

The motivation of this claim is as same as the one of claim 24 above. 

24. Claims 32, 33 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Hoke, Schneider and Sun as applied to claim 23 above, further in view of Tunnicliffe et 
al (hereinafter Tunnicliffe), U.S Patent No. 62721 10. 

25. As to claim 32, Hoke, Schneider and Sun disclose the invention as described in 
claim 23 above. Sun discloses the one or more avoider algorithm modules determines 
when to switch between VPN tunnels (column 4, lines 23-31). Sun does not disclose 
based on an amount of data traffic transmitted over a current VPN tunnel. However 
Tunnicliffe discloses based on an amount of data traffic transmitted over a current VPN 
tunnel (column 3, lines 30-36). 

It would have been obvious to the one skilled in the art at the time of the 
invention to combine the teaching of Hoke, Schneider and Sun with the teaching of 
Tunnicliffe to have the one or more avoider algorithm modules determines when to 
switch between VPN tunnels based on an amount of data traffic transmitted over a 
current VPN tunnel. Because it would provide users the better way to balance the 
packets, save cost of leasing line and protect the content of data over VPN. 
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26. As to claim 33, Hoke, Schneider and Sun disclose the invention as described in 
claim 23 above. Sun discloses the current VPN tunnel is deactivated and the alternate 
VPN tunnel is activated (column 5, lines 53-60). Sun does not disclose the one or more 
avoider algorithm modules determine whether a current total amount of data traffic 
transmitted over a current VPN tunnel during a life of the current VPN tunnel is equal to 
or greater than a threshold amount of data traffic, and if the current total amount of data 
traffic transmitted over the current VPN tunnel is equal to or greater than the threshold. 
However Tunnicliffe discloses the one or more avoider algorithm modules determine 
whether a current total amount of data traffic transmitted over a current VPN tunnel 
during a life of the current VPN tunnel is equal to or greater than a threshold amount of 
data traffic, and if the current total amount of data traffic transmitted over the current 
VPN tunnel is equal to or greater than the threshold (column 3, lines 36-41 ). 

The motivation of this claim is as same as the one of claim 32 above. 

27. Claims 34 is rejected under 35 U.S.C. 103(a) as being unpatentable over Hoke, 
Schneider, Sun and Tunnicliffe as applied to claims 23 and 33 above, in view of Narad 
et al (hereinafter Narad), U.S Patent No. 6421730 and further in view of Patrik Larsson 
(hereinafter Larsson), U.S Patent No. 6163184. 

28. As to claim 34, Hoke, Schneider, Sun and Tunnicliffe disclose the invention as 
described in claim 23 and 33 above. They do not disclose the threshold amount of data 
traffic is calculated as a sum of a portion of an IP address of the first data processing 
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system and a portion of an IP address of the second data processing system, multiplied 
by a constant. However Narad discloses the threshold amount of data traffic is 
calculated as a sum of a portion of an IP address of the first data processing system 
and a portion of an IP address of the second data processing system (column 92, lines 
40-44). Narad does not disclose multiplied by a constant. However Larsson discloses 
multiplied by a constant (column 5, lines 40-41). 

It would have obvious to the one skilled in the art at the time of the invention to 
combine the teaching of Hoke, Schneider, Sun, Tunnicliffe and Narad with the teaching 
of Larsson to have the threshold amount of data traffic calculated as a sum of a portion 
of an IP address of the first data processing system and a portion of an IP address of 
the second data processing system, multiplied by a constant. Because it would provide 
users the better secured method to protect data over VPN. 

29. Claims 35, 36 are rejected under 35 U.S.C. 1 03(a) as being unpatentable by 
Hoke in view of Schneider, Sun and further in view of Pegrum et al (hereinafter 
Pegrum), U.S Patent No. 651417. 

30. As to claim 35, Hoke, Schneider and Sun disclose the invention as described in 
claims 23 and 25 above. They do not disclose the specified time period that the current 
VPN tunnel may be active is determined based on a time at which the current VPN 
tunnel was activated. However Pegrum discloses the specified time period that the 
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current VPN tunnel may be active is determined based on a time at which the current 
VPN tunnel was activated (column 4, lines 10-13). 

It would have been obvious to the one skilled in the art at the time of the 
invention to combine the teaching of Hoke, Schneider, and Sun with the teaching of 
Pegrum to have the specified time period that the current VPN tunnel may be active is 
determined based on a time at which the current VPN tunnel was activated. Because it 
would provide user a better way to send, protect data over VPN. 

31 . As to claim 36, Hoke, Schneider and Sun disclose the invention as described in 
claims 23 and 25 above. They do not disclose the specified time period that the current 
VPN tunnel may be active is determined randomly. However Pegrum discloses the 
specified time period that the current VPN tunnel may be active is determined randomly 
(column 4, lines 10-13). 

The motivation of this claim is as same as the one of claim 35 above. 

32. Claim 37 is rejected under 35 U.S.C. 103(a) as being unpatentable by Hoke in 
view of Schneider, Sun and further in view of Laiho et al (hereinafter Laiho), U.S Patent 
No. 6151507. 

33. As to claim 37, Hoke, Schneider and Sun disclose the invention as described in 
claims 23 and 25 above. They do not disclose the specified time period that the current 
VPN tunnel may be active is determined as a function of a sum of a number of minutes 
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past an hour at which the current VPN tunnel was activated plus a constant. However 
Laiho discloses the specified time period that the current VPN tunnel may be active is 
determined as a function of a sum of a number of minutes past an hour at which the 
current VPN tunnel was activated plus a constant (column 23, lines 46-59). 

It would have been obvious to the one skilled in the art at the time of the 
invention to combine the teaching of Hoke, Schneider and Sun with the teaching of 
Laiho to have the specified time period that the current VPN tunnel may be active 
determined as a function of a sum of a number of minutes past an hour at which the 
current VPN tunnel was activated plus a constant. Because it would provide users the 
better way to select the validity period of VPN, also efficiently manage the VPN based 
on the period of time in which VPN is established. 

Conclusion 

34. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Muniyappa et al U.S 6092200 

Quentin c. Liu U.S 6079020 

Arrow et at U.S 6226751 

Any inquiry concerning this communication or earlier communications from the 
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